onc_certification_g10_test_kit 3.0.0 → 3.1.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -64,7 +64,9 @@ module ONCCertificationG10TestKit
64
64
  end
65
65
  end
66
66
 
67
- return extract_profile('HeadCircumference') if observation_contains_code(resource, '9843-4')
67
+ if observation_contains_code(resource, '9843-4') && suite_options[:us_core_version] != 'us_core_3'
68
+ return extract_profile('HeadCircumference')
69
+ end
68
70
 
69
71
  # FHIR Vital Signs profiles: https://www.hl7.org/fhir/observation-vitalsigns.html
70
72
  # Vital Signs Panel, Oxygen Saturation are not required by USCDI
@@ -79,6 +79,9 @@ module ONCCertificationG10TestKit
79
79
 
80
80
  USCoreTestKit::USCoreV311::USCoreTestSuite.groups.each do |group|
81
81
  test_group = group.ancestors[1]
82
+
83
+ next if test_group.optional?
84
+
82
85
  id = test_group.id
83
86
 
84
87
  group_config = {}
@@ -79,6 +79,9 @@ module ONCCertificationG10TestKit
79
79
 
80
80
  USCoreTestKit::USCoreV400::USCoreTestSuite.groups.each do |group|
81
81
  test_group = group.ancestors[1]
82
+
83
+ next if test_group.optional?
84
+
82
85
  id = test_group.id
83
86
 
84
87
  group_config = {}
@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
6
6
  For each of the relevant USCDI data elements provided in the
7
7
  CapabilityStatement, this test executes the [required supported
8
8
  searches](http://hl7.org/fhir/us/core/STU4/CapabilityStatement-us-core-server.html)
9
- as defined by the US Core Implementation Guide v4.0.0.
9
+ as defined by the US Core Implementation Guide v5.0.1.
10
10
 
11
11
  The test begins by searching by one or more patients, with the expectation
12
12
  that the Bearer token provided to the test grants access to all USCDI
@@ -14,7 +14,7 @@ module ONCCertificationG10TestKit
14
14
  queries and checks that the results are consistent with the provided
15
15
  search parameters. It then performs a read on each Resource returned and
16
16
  validates the response against the relevant
17
- [profile](http://hl7.org/fhir/us/core/STU4/profiles-and-extensions.html)
17
+ [profile](http://hl7.org/fhir/us/core/STU5.0.1/profiles-and-extensions.html)
18
18
  as currently defined in the US Core Implementation Guide.
19
19
 
20
20
  All MUST SUPPORT elements must be seen before the test can pass, as well
@@ -79,6 +79,9 @@ module ONCCertificationG10TestKit
79
79
 
80
80
  USCoreTestKit::USCoreV501::USCoreTestSuite.groups.each do |group|
81
81
  test_group = group.ancestors[1]
82
+
83
+ next if test_group.optional?
84
+
82
85
  id = test_group.id
83
86
 
84
87
  group_config = {}
@@ -80,8 +80,7 @@ module ONCCertificationG10TestKit
80
80
  :ehr_patient_client_id,
81
81
  :ehr_patient_client_secret,
82
82
  :smart_authorization_url,
83
- :smart_token_url,
84
- :authorization_method
83
+ :smart_token_url
85
84
 
86
85
  test from: :g10_patient_context,
87
86
  config: {
@@ -1,4 +1,5 @@
1
1
  require_relative 'base_token_refresh_group'
2
+ require_relative 'smart_invalid_token_refresh_test'
2
3
  require_relative 'smart_scopes_test'
3
4
  require_relative 'unauthorized_access_test'
4
5
  require_relative 'well_known_capabilities_test'
@@ -399,6 +400,8 @@ module ONCCertificationG10TestKit
399
400
  )
400
401
  uses_request :token_refresh
401
402
  end
403
+
404
+ test from: :g10_invalid_token_refresh
402
405
  end
403
406
 
404
407
  test do
@@ -0,0 +1,37 @@
1
+ module ONCCertificationG10TestKit
2
+ class SMARTInvalidTokenRefreshTest < Inferno::Test
3
+ id :g10_invalid_token_refresh
4
+ title 'Refresh token exchange fails when supplied an invalid refresh token'
5
+ description %(
6
+ If the request failed verification or is invalid, the authorization server
7
+ returns an error response.
8
+
9
+ [OAuth 2.0 RFC (6749)](https://www.rfc-editor.org/rfc/rfc6749#section-6)
10
+ )
11
+ input :refresh_token, :smart_token_url, :client_id, :received_scopes
12
+ input :client_secret, optional: true
13
+
14
+ run do
15
+ skip_if refresh_token.blank?, 'No refresh token was received'
16
+
17
+ oauth2_params = {
18
+ 'grant_type' => 'refresh_token',
19
+ 'refresh_token' => SecureRandom.uuid
20
+ }
21
+ oauth2_headers = { 'Content-Type' => 'application/x-www-form-urlencoded' }
22
+
23
+ oauth2_params['scope'] = received_scopes if config.options[:include_scopes]
24
+
25
+ if client_secret.present?
26
+ credentials = Base64.strict_encode64("#{client_id}:#{client_secret}")
27
+ oauth2_headers['Authorization'] = "Basic #{credentials}"
28
+ else
29
+ oauth2_params['client_id'] = client_id
30
+ end
31
+
32
+ post(smart_token_url, body: oauth2_params, headers: oauth2_headers)
33
+
34
+ assert_response_status([400, 401])
35
+ end
36
+ end
37
+ end
@@ -1,5 +1,6 @@
1
1
  require_relative 'base_token_refresh_group'
2
2
  require_relative 'patient_context_test'
3
+ require_relative 'smart_invalid_token_refresh_test'
3
4
  require_relative 'smart_scopes_test'
4
5
  require_relative 'unauthorized_access_test'
5
6
  require_relative 'unrestricted_resource_type_access_group'
@@ -322,6 +323,8 @@ module ONCCertificationG10TestKit
322
323
  )
323
324
  uses_request :token_refresh
324
325
  end
326
+
327
+ test from: :g10_invalid_token_refresh
325
328
  end
326
329
 
327
330
  group from: :g10_unrestricted_resource_type_access,
@@ -1,3 +1,3 @@
1
1
  module ONCCertificationG10TestKit
2
- VERSION = '3.0.0'.freeze
2
+ VERSION = '3.1.0'.freeze
3
3
  end
@@ -486,5 +486,41 @@ module ONCCertificationG10TestKit
486
486
  pass native_refresh_notes if native_refresh_notes.present?
487
487
  end
488
488
  end
489
+
490
+ test do
491
+ title 'Health IT developer demonstrates the public location of its base URLs'
492
+ description %(
493
+ To fulfill the API Maintenance of Certification requirement at §
494
+ 170.404(b)(2), the health IT developer demonstrates the public location
495
+ of its certified API technology service base URLs.
496
+ )
497
+ id :g10_public_url_attestation
498
+ input :public_url_attestation,
499
+ title: 'Health IT developer demonstrates the public location of its certified API technology service base URLs', # rubocop:disable Layout/LineLength
500
+ type: 'radio',
501
+ default: 'false',
502
+ options: {
503
+ list_options: [
504
+ {
505
+ label: 'Yes',
506
+ value: 'true'
507
+ },
508
+ {
509
+ label: 'No',
510
+ value: 'false'
511
+ }
512
+ ]
513
+ }
514
+ input :public_url_attestation_notes,
515
+ title: 'Notes, if applicable:',
516
+ type: 'textarea',
517
+ optional: true
518
+
519
+ run do
520
+ assert public_url_attestation == 'true',
521
+ 'Health IT developer did not demonstrate the public location of its certified API technology service base URLs.' # rubocop:disable Layout/LineLength
522
+ pass public_url_attestation_notes if public_url_attestation_notes.present?
523
+ end
524
+ end
489
525
  end
490
526
  end
@@ -22,7 +22,7 @@ module ONCCertificationG10TestKit
22
22
  required_capabilities = config.options[:required_capabilities] || []
23
23
 
24
24
  if suite_options[:us_core_version] == 'us_core_5' && required_capabilities.include?('launch-ehr')
25
- required_capabilities << 'context-ehr-encounter'
25
+ required_capabilities += ['context-ehr-encounter']
26
26
  end
27
27
 
28
28
  missing_capabilities = required_capabilities - capabilities
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: onc_certification_g10_test_kit
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
4
+ version: 3.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Stephen MacVicar
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-26 00:00:00.000000000 Z
11
+ date: 2022-09-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bloomer
@@ -44,14 +44,14 @@ dependencies:
44
44
  requirements:
45
45
  - - ">="
46
46
  - !ruby/object:Gem::Version
47
- version: 0.3.9
47
+ version: 0.3.11
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
52
  - - ">="
53
53
  - !ruby/object:Gem::Version
54
- version: 0.3.9
54
+ version: 0.3.11
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: json-jwt
57
57
  requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - '='
116
116
  - !ruby/object:Gem::Version
117
- version: 0.1.5
117
+ version: 0.1.7
118
118
  type: :runtime
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - '='
123
123
  - !ruby/object:Gem::Version
124
- version: 0.1.5
124
+ version: 0.1.7
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: tls_test_kit
127
127
  requirement: !ruby/object:Gem::Requirement
@@ -142,14 +142,14 @@ dependencies:
142
142
  requirements:
143
143
  - - '='
144
144
  - !ruby/object:Gem::Version
145
- version: 0.3.0
145
+ version: 0.3.1
146
146
  type: :runtime
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
150
  - - '='
151
151
  - !ruby/object:Gem::Version
152
- version: 0.3.0
152
+ version: 0.3.1
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: database_cleaner-sequel
155
155
  requirement: !ruby/object:Gem::Requirement
@@ -284,6 +284,7 @@ files:
284
284
  - lib/onc_certification_g10_test_kit/smart_invalid_pkce_group.rb
285
285
  - lib/onc_certification_g10_test_kit/smart_invalid_token_group.rb
286
286
  - lib/onc_certification_g10_test_kit/smart_invalid_token_group_stu2.rb
287
+ - lib/onc_certification_g10_test_kit/smart_invalid_token_refresh_test.rb
287
288
  - lib/onc_certification_g10_test_kit/smart_limited_app_group.rb
288
289
  - lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group.rb
289
290
  - lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group_stu2.rb